<?php require_once('header.php'); ?>
<?php //include_once('topwidget.php'); ?>

<div id="contentBox">
<?php include_once('sidebar.php'); ?>

<!--- query for signup an user to the site -->
<?php
if(isset($_POST['Login'])) {
	$username= $_POST['username'];
	$passkey = md5(mysql_real_escape_string($_POST['passkey']));
	$user_cond = "username='$username'";
	$sql = "SELECT userid, fullname, username, typeid FROM users WHERE $user_cond AND `passkey` = '$passkey'"; 
	connection();
	$result = mysql_query($sql) or die (mysql_error());
	
	while($rows = mysql_fetch_array($result)) {
		$_SESSION['userid'] = $rows['userid'];
		$_SESSION['fullname'] = $rows['fullname'];
		$_SESSION['username'] = $rows['username'];
		$_SESSION['typeid'] = $rows['typeid'];
		
		if(isset($_SESSION['userid'])) {
			header("Location: profile.php?userid=$_SESSION[userid]");
		} else {
			failed();
		}			
	}
	
}
?>

<div id="content">
    <div class="form">
    <fieldset>
    	<legend><h1>Login to your account</h1></legend>
        <form action="login.php" method="post">
            <div class="inputArea">
                <label for="input">Username</label>
                <input type="text" name="username" />
            </div>
            <div class="inputArea">
                <label for="input">Password</label>
                <input type="password" name="passkey" />
            </div>
            <div class="inputArea">
            	<label for="input">&nbsp;</label>
                <input class="oBtn inneroBtnPrimary" type="submit" name="Login" value="Login" />
            </div>
        </form>
		<p>Are you new user? Please <a class="oBtn inneroBtnPrimary" href="signup.php">Create an account</a></p>
	</fieldset><br />
</div>

<!-- end content in bottom div -->
</div>
<div style="clear:both;"></div>

<?php //include_once('bottomwidget.php'); ?>
<?php include_once('footer.php'); ?>
